Method and apparatus for metadata driven web service mediation

ABSTRACT

A mechanism lets a service consumer add mediation metadata in a Simple Object Access Protocol (SOAP) message and lets a service provider perform server side mediation based on the pre-defined mediation metadata. A client side mediation engine is plugged into a client SOAP engine. When the client side mediation engine receives a request message from the client SOAP engine, metadata is attached to a message header of a SOAP message and returned to the client SOAP engine. A server side mediation engine is plugged the server side mediation engine receives a SOAP message from the server SOAP engine, metadata is mapped with an appropriate adaptor and returned to the server SOAP engine.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention is directed to a method and apparatus forinserting mediation metadata into a Simple Object Access Protocol (SOAP)message based on existing Web service client engine.

2. Background Description

Web Services (WS) are being considered an excellent technology toachieve business integration. Many companies are putting effort onintegrating internal and external application and resources by WebServices.

Web Services involve a family of related protocols to describe, deliver,and interact with services. This family can be further subdivided intogroupings based on common functions and uses. The first group handlesthe issues of messaging, interface description, addressing and delivery.The most well-known is the messaging protocol known as Simple ObjectAccess Protocol (SOAP). This protocol encodes messages so they can bedelivered over the network using a transport protocol such as HypertextTransfer Protocol (HTTP), Internet Inter-Orb Protocol (IIOP), SimpleMail Transfer Protocol (SMTP), or others. The Web Services DescriptionLanguage (WSDL) is represented as a series of extensible Markup Language(XML) statements that constitute the definition for the interfaces ofeach service. The Universal Description, Discovery and Integration(UDDI) protocol defines a registry and associated protocols for locatingand accessing services. Web Service Policy (WS-Policy) provides ageneral purpose model and syntax to describe and communicate thepolicies of a Web service.

Although there are many specifications on Web Services, there are stillmany problems to be solved when putting Web Services into practice. WebServices are published for consumer invocation. Different consumers havedifferent requirements, both functional and non-functional. But there isno way for a consumer to negotiate with a Web Service to customize theWeb Service at runtime. The interaction between service provider andservice consumer is SOAP message exchange. Customization of a Webservice is equal to customizing SOAP message structure and content.Current Web Services engines can not provide such capabilities. Someexamples are described below.

The SOAP body can not be customized. If a consumer and a service havedifferent data schema, transformation on the SOAP body must be performedbetween the consumer and the service. For example, a travel agentapplication requests a train list by invoking a train query service. Thequery service has an operation named “GetAllTrains”, whose return typeis “AllTrains”. But the travel agent uses a Train List, which isdifferent from a Ticket. So a data mapping should be put into serverside or client side. Under most conditions, the server would not providean additional method or mapping handler for the individual consumer.That means the consumer should adapt itself to the service, or themapping work is always done at the consumer side. This solution is notgood enough under some conditions, such as when the consumer has a poorcomputation resource, or the consumer does not know how to perform sucha transformation.

The message content can not be filtered. A consumer can not selectivelyretrieve an invocation result. For example, “AllTrains” will be returnedby the service, but “AllTrains” is a large record, which containsdetailed information of each train, while the consumer only needs thetrain number of each train. Transferring unnecessary data will not onlycost network resources, but also increase overhead on data serializationand deserialization.

The security policy can not be changed according to the customer'srequirements. The security policy is claimed using WS-SecurityPolicy. Itcould be retrieved by the consumer using WS-MetadataExchange at runtimeor from the WSDL document which has the WS-Policy attached at designtime. Then the consumer could construct a SOAP request following thesecurity policy. This mechanism lacks flexibility of constructing theSOAP invocation message. First of all, the service can not providemultiple policies so the client can not select a policy. All consumersmust share same security policy, which is configured statically. On theother hand, the client can not change the policy. For example, a trainquery service does not define the security policy, but an agent wantsthe result message to be encrypted. It is impossible to achieve suchencryption without configuring the service.

In current solutions, the service provider needs to take great effort inchanging the security policy, adding a transformation handler andemploying a filtering method for different consumers.

Some solutions have been proposed to address some of these issues. U.S.Patent Application Publication No. 20030217044 A1 provides a solution toautomate a method signature adaptation for dynamic web serviceinvocation. It adds a MetaWSDL to each service. MetaWSDL is an XMLpresentation to describe a MetaObject. By adding this semanticinformation, different input messages could be transformed to messagesconforming to WSDL of service. This method requires changes at theclient side, at the UDDI server and at the service provider side. Themethod could only change parameter types of Web service methods.Security policy changing and SOAP response filtering can not beperformed. Moerover, the method presented in U.S. Patent ApplicationPublication No. 20030217044 A1 does not use the SOAP header to carry theMetaWSDL, which is grouped with a corresponding WSDL document in a WSIL(Web Services Inspection Language) document.

A Web service gateway provides the ability to transmit a SOAP message.It acts as a mediator between the service provider and the serviceconsumer. The main value of the gateway is to have a central controlpoint on distributed services. Transformation and filtering could bedone only by adding handlers which need additional development work.

SUMMARY OF THE INVENTION

In view of the foregoing problems, it is therefore an object of thepresent invention to provide a method of attaching mediation metadata ina SOAP message.

Another object of the invention is to provide a mediating SOAP messagebased on the metadata in the SOAP message.

The invention accomplishes these objects by mapping metadata withappropriate adaptor(s). Therefore, a further object of the invention isto provide a method of implementing a transformation adaptor andconstructing transformation metadata.

Further objects of the invention are the provision of methods ofimplementing a filtering adaptor and constructing filtering metadata.

Still another objects of the invention are the provision of methods ofimplementing a security adaptor and constructing security metadata.

These an other objects of the invention are accomplished with anapparatus which inserts mediation metadata into a SOAP message based onexisting Web service client engine.

Current Web service metadata is always statically defined, such as WSDLand WS-Policy. The statically defined metadata provide a foundation forinteraction. In order to achieve some flexibility for Web Services, thepresent invention provides a mechanism to add metadata into the headerof each request SOAP message, so metadata driven mediation can beexecuted on the server side for each SOAP message. Mediation means areprovided for modifying format and/or content of a message. By usingmediation, a consumer and a provider, each with different data schemaand security policies, can be linked together. Using metadata providedby the consumer, the service provider can understand the consumer'srequirement on mediation.

The advantages of the present invention are:

-   1) Improved service flexibility and adaptability, and reduction in    management cost. Once a service provider publishes a service, the    service management work begins. The management cost could be very    high, because there are many requirements from different consumers    on security policies, method signature, and data filtering. All    these have nothing to do with service implementation. So one    possible result is that the administrator keeps on adding different    adaptor services or wrapper services for a same service    implementation, fulfilling consumer's needs. Some of the    requirements are short-lived or even one-off. It will be a    management nightmare for service administrator. The biggest    advantage of the present invention is that it enables service    consumer to customize each invocation without service    administrator's involvement. The integration lifecycle is shortened    greatly.-   2) Improved performance of service invocation. Service consumers of    a same service may have different requirements on content of an    invocation result. Unnecessary data transfer and serialization will    happen for some consumers. This will amazingly increase overhead and    greatly harm invocation performance. For consumers that have limited    resources, it will be even worse because data needs to be    transformed before it cam be utilized. The present invention    provides a mechanism to enable server side mediation. Lots of work    can be done on server side. This reduces the consumer's processing    time and eliminates unnecessary network traffic.-   3) Simplified service definition. The present invention enables the    consumer to claim requirement on demand. The service provider can    pay less attention on how the consumer will invoke service. For    example, there is no need to provide same service functionality with    different method signatures. Only one method is needed for one    function. The service can keep concision, and the consumer will be    also satisfied, because no judgment will be made on which method    should be used especially when there are multiple similar methods.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing and other objects, aspects and advantages will be betterunderstood from the following detailed description of a preferredembodiment of the invention with reference to the drawings, in which:

FIG. 1 is a diagram illustrating a sample data schema;

FIG. 2 is a block diagram illustrating an apparatus implementing thedisclosed method according to the invention;

FIG. 3 is a flow diagram illustrating the logic of the workflow setupmetadata driver mediation at the server side;

FIG. 4 is a flow diagram illustrating the logic of the workflow of setupmetadata driver mediation at the client side;

FIG. 5 is a flow diagram illustrating the logic of the workflow ofattaching metadata in the client mediation engine; and

FIG. 6 is a flow diagram illustrating the logic of the workflow ofmediation in the server mediation engine.

DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT OF THE INVENTION

Before describing the preferred embodiment of the invention, thefollowing background knowledge is required by way of introduction.EXtensible Stylesheet Language Transformation (XSLT) is a language fortransforming XML documents into other XML documents. XSLT can also addnew elements into the output file, or remove elements. It can rearrangeand sort elements, and test and make decisions about which elements todisplay, and a lot more. It became a World Wide Web Consortium (W3C)Recommendation on Nov. 16, 1999.

A transformation expressed in XSLT is called a stylesheet. A stylesheetis also an XML document. A stylesheet contains a set of template rules.A template rule has two parts: (1) a pattern which is matched againstnodes in the source tree and (2) a template which can be instantiated toform part of the result tree. The transformation engine has two inputs:(1) a stylesheet document and (2) a source XML document. After theengine's processing, the result document will be generated.

XQuery is a language flexible enough to query a broad spectrum of XMLinformation sources, including both databases and documents. XQueryoperates on the abstract, logical structure of an XML document, ratherthan its surface syntax. This logical structure is known as the datamodel. XQuery allows both specifying what will be found and designatingwhat its output format should look like in the same query.

The goal of WS-Security is to enable applications to construct secureSOAP message exchanges. WS-Security is flexible and is designed to beused as the basis for the construction of a wide variety of securitymodels including Public Key Infrastructure (PKI), Kerberos, and SecureSockets Layer (SSL). Specifically, WS-Security provides support formultiple security tokens, multiple trust domains, multiple signatureformats, and multiple encryption technologies. WS-Security providesthree main mechanisms: (1) security token propagation, (2) messageintegrity, and (3) message confidentiality. These mechanisms can be usedindependently (e.g., to pass a security token) or in a tightlyintegrated manner (e.g., signing and encrypting a message and providinga security token hierarchy associated with the keys used for signing andencryption).

The present invention provides a mechanism to let a service consumer addmediation metadata and let a service provider perform server sidemediation based on the pre-defined mediation metadata.

Three types of mediations are provided in the present invention:

-   1) Transformation. In existing solutions, a consumer knows the data    schema of the service by retrieving WSDL. The message sent or    received by the consumer must conform to the data schema definition.    If the consumer uses a different data model inside a consumer    application, the consumer must transform input and output SOAP    messages. This transformation could produce some overhead. When the    consumer's computation resource is limited, such as a mobile device,    the service invocation performance may be a problem. Under such a    condition, the server side mediation could be a help. Existing    solutions always use a statically configured handler or hard-coded    adaptor to achieve the server side transformation. When a consumer    comes with a different data schema, a new adaptor needs to be    developed. In the present invention, the server side transformation    is not hard coded. A transformation metadata will be attached onto    the SOAP message. The metadata contains all the necessary    information about transforming between a consumer XML document and a    provider XML document. A server side transformation engine    transforms the message based on the metadata. The transformation is    controlled by the consumer using metadata. Different consumers can    attach different metadata.-   2) Filtering. At Web Service design time. Some filtering method may    be considered and added as a Web service operation, but it is not    possible that all the possible filtering methods could be covered.    When a service is published, different requirements associated with    a consumer will arise. For example, FIG. 1 is the data schema of a    result of a TrainQuery service. Some consumers may need detailed    price and station information, while others only need startTime and    endTime of the train. If there is no such method provided at design    time, the present invention can perform server side filtering at    runtime. There is no need to change service design. Every    configuration is not needed. The filtering is totally based on XML    processing. Filtering metadata is sent along with the message and    passed to the XML filter.-   3) Security policy customizing. Web service security does not    support customization or negotiation. Service could be published    along with its security policy. Based on this policy, a consumer    could make necessary encryption, add signature or identification. In    the present invention, the consumer can assign the desired security    policy which is different from the published security policy. This    is useful in a dynamic environment, which needs flexibility in terms    of message level security enablement. The security metadata contains    preferred security policy and corresponding algorithm. The server    can apply this customized policy dynamically for processing the    incoming SOAP message.

In order to attach appropriate metadata with a SOAP request message, theconsumer needs to build a configuration file or extend the Web Service'sclient deployment descriptor. This configuration contains the necessarymetadata for service mediation. When a service is invoked, the WebService runtime will investigate the mediation configuration andautomatically attach metadata for each outgoing message. With aconfiguration file, there is no need to change the client programmingmodel for invoking a Web Service.

This declarative solution is targeted for per-customer customization ormediation. For instance, each customer has one mediation policy. Ifper-call customization is needed, the consumer can use a programinterface provided by the client mediation engine. Then the client canset a proffered mediation parameter for each call.

On the server side, a mediation engine is plugged into a SOAP engine.The mediation engine processes a SOAP message before and after serviceinvocation. It analyzes the metadata type and dispatches the message toappropriate adaptors. Each adaptor will handle a kind of metadata.

There are three default adaptors that could enable transformation,filtering and security mediation. Other adaptors could also beinstalled, which would provide other mediation functionalities. Adaptorscan be installed by service administrators directly, with requiredbinary component and configurations. Adaptors can also be installeddynamically by a consumer. This type of adaptor does not have animplementation on the server. It is a specific Web Service. The adaptorwill only be used for processing messages.

FIG. 2 is the apparatus of the present invention. The apparatus is basedon existing an SOAP engine and client engine, such as Web Servicesinvocation framework (WSIF). The components of the apparatus integratewith existing the SOAP engine in a seamless manner. Only the leasteffort is needed to change an exiting Web Service stack. Thesecomponents can be divided to two categories; one is for runtimemediation support, the other is for design time configuration ormanagement support. There is also a difference on where to place thecomponents. The components are distributed on both client side andserver side.

More particularly, with reference to FIG. 2, the client side includes aclient application 201 and a client side mediation engine 202. Theclient application 201 makes a call to a client engine 203 whichgenerates a SOAP message 204. The client side mediation engine 202consults a consumer mediation policy 205 and attaches transformationmetadata to the SOAP message 204. The SOAP message 204 is then bound toa protocol (e.g., HTTP) in protocol binding 206 before being sent on thenetwork.

Metadata will be presented in XML format and embedded in SOAP header.The namespace for this metadata is http://www.wsmediation.com/metadata.The prefix is wsm. For a specific metadata type, another namespace couldbe defined. Following is an example SOAP message which containsmediation, metadata. <S:Envelopexmlns:S=“http://www.w3.org/2003/05/soap-envelope” xmlns:wsm=“http://www.wsmediation.com/metadata”xmins:wsmt=“http://www.wsmediation.com/transformation”xmins:wsmf=“http://www.wsmediation.com/filtering”xmins:wsms=“http://www.wsmediation.com/security”xmins:wsse=“http://schemas.xmisoap.org/ws/2002/12/secext” xmins:wsp=“http://schemas.xmisoap.org/ws/2002/12/policy“> <S:Header><wsm:transformation> <wsmt:instylesheeturl=“http://www.example.com/in.xsl”/> <wsmt:outstylesheeturl=“http://www.example.com/out.xsl”/> <lwsm:transformation><wsm:filtering> <wsmf:expressionurl=“http://www.example.com/xquery.exp”/> </wsm:filtering><wsm:security> <wsse:Integrity wsp:Preference=“...” wsp:Usage=“...1”><wsse:Algorithm Type=“...” URI=“...” wsp:Preference=“...”/></wsse:Integrity> </wsm:security> </S:Header> <S:Body> </S: Body></S:Envelope>

In the metadata assertion, there are multiple namespaces. wsmt, wsmf,wsms are three mediation namespaces, which indicating the type of themetadata is for transformation, filtering or security mediation purpose.wsse and wsp comes from WS-Security and WS-Policy specification, whichindicating the metadata is conforms to these standards.

The following describes the attributes and elements listed in the schemaoverview above:/wsm:transformation.

This presents the element containing metadata for transformation. Inthis element, some elements with namespace “wsmt” could be defined. Thewsmt element is targeting for defining transformation specificparameters./wsmt:instylesheet

This element contains the style sheet for input message transformation.The style sheet could be claimed in the element body./wsmt:instylesheet@url

There is another way to provide style sheet. This attribute refers to adocument on network. So the style sheet does not need to be transferredwith SOAP message. This will make it possible to cache style sheet onserver side. The caching mechanism is out of the scope of thisinvention./wsmt:outstylesheet

This is similar with /wsmt:instylesheet. It will be used for outputmessage transformation./wsmt:outstylesheet@url

This is similar with /wsmt:instylesheet@url/wsmt:{any}

This contains other information needed by transformation engine./wsm:filtering

This presents the element containing filtering metadata./wsmf:expression

This presents the element containing XML query expression./wsmf:expression@url

Query expression does not need to be transferred with SOAP message. Itcould be referred using a URL./wsmf:{any}

This contains other information needed by filtering engine./wsm:security

This contains security policy assertion. This assertion could be definedusing WS-SecurityPolicy./wsm:{any}

This provides an extensible point to add other type of metadata formediation purpose.

Referring again to FIG. 2, on the server side, the SOAP message isreceived at the service endpoint 207. A server side mediation engine 208retrieves the transformation metadata from the SOAP message 209 beforethe SOAP message is input to the SOAP engine 210. The changed message isthen input to the service implementation 211. The server side mediationengine 208 accesses local adaptors 212 and remote adaptors 213. Theserver mediation engine 208 is plugged into server side SOAP stack. TheSOAP message is processed by mediation engine 208 before and aftermessage is processed by service implementation 211. The mediation engine208 does not change the SOAP message 209 directly; rather, it analyzesthe type of metadata and forwards the SOAP message to a correspondingadaptor. The type of metadata will be identified by the element name,such as wsm:transformation, wsm:filtering and so on.

There is a configuration file recording the mapping between the metadatatype and the adaptor. The configuration file is like this: <adaptorname=“transformation”><namespace>http://www.wsmediation.com/transformation</namespace><local>com.wsmediation.com.TransformationAdaptor</local> <remotetype=“Web service”>http://192.168.1.1:80/ transform</remote> </adaptor>

In the configuration, the namespace is used to identify the metadatatype contained in the incoming message. If the metadata type in themessage matches the adaptor namespace in the configuration file, a localadaptor 212 defined in local element will be invoked. If no localelement is defined, then a remote adaptor 213 will be invoked. Theremote adaptor could be a Web Service, an Enterprise Java Bean (EJB) orother components. In the current example, a remote Web Service isdefined. The endpoint for the service ishttp://192.168.1.1:80/transform.

For each message, multiple adaptors could be invoked in order. The orderof processing is based on the appearance order of metadata in theincoming message. For example, if the incoming message is like<wsm:transformation> . . . </wsm:tra nsformation> <wsm:filtering> . . .</wsm:filtering>then the transformation adaptor will be invoked first for incomingmessage, and then the filter adaptor. For an output message, the orderis reversed.

As indicated in FIG. 2, the adaptor could be implemented as a localcomponent, local adaptors 212, or a remote service, remote adaptors 213.Adaptors are used to handle messages. Each adaptor must expose thefollowing interface definition: Interface Adaptor { SOAPMessagehandleIncoming(MessageContext context, SOAPMessage message); SOAPMessagehandleOutcoming(MessageContext context, SOAPMessage message); }

The two methods are used to handle the incoming request and outgoingresponse, respectively. For each method, SOAPMessage is the datastructure holding in-memory an XML document. MessageContext is the datafield holding temporary data. For example, an adaptor could put someproperties in the MessageContext, so the next adaptor could acquirethese properties by reading MessageContext.

A transformation adaptor performs SOAP body transformation. Twotransformations will happen; first, after a message is received and,second, before a message is sent. To transform a message, the adaptorneeds to know how to transform the message. Transformation metadatacontains a style sheet, which can be utilized by the adaptor. Thecommonly used XML transformation processor, XSLT engine, can be used ina specific implementation of the invention. Other XML processors couldalso be used.

The filtering adaptor filters the SOAP response message before it issent by server. In a specific implementation of the invention, an XQueryengine would be suitable for building a filtering adaptor, with a queryexpression from metadata utilized by the adaptor.

The security adaptor is a WS-Security enabler which applies customizedsecurity policy on the response message. In order to achieve thisruntime adaptability, the adaptor must understand the securityrequirement from the consumer by analyzing the security policy carriedin the request message dynamically. Based on the understanding, theadaptor makes adequate encryption, signature on the response message.

The adaptor management service 214 is used to manage the adaptors. Ithas a local and remote interface. Local interface is a user interface.It is used for local administration. The service administrator caninstall, uninstall or upgrade an adaptor using the local interface. Foreach operation, an adaptor configuration file is updated. The remoteinterface is exposed as a Web Service. The consumer can query existingadaptors deployed on server side. When a query is received by theservice, it will scan the configuration file and return the matchedadaptor information. Based on the query, the consumer can know if theserver supports specific server side mediation.

As mentioned, the client mediation engine 202 attaches mediationmetadata in the request message. It does not change response message.The metadata to be attached is decided by the mediation policy 205. Thepolicy could be defined by extending a WSDL document or creating aconfiguration file. Following is an example configuration file:<mediations> <service name=“TrainService”namespace=“http://www.train.com/service”/> <port name=“TrainQueryPort”namespace=“http://www.train.com/service”/> <operationname=“GetAllTrains” namespace=“http://www.train.com/service”/> <list><mediation name=“transformation”namespace=“http://www.wsmediation.com/transformation”> <instylesheeturl=“http://www.example.com/in.xsl”/> <outstylesheeturl=“http://www.example.com/out.xsl”/> </mediation> <mediationname=“transformation”namespace=“http://www.wsmediation.com/transformation”> <expressionurl=“http://www.example.com/xquery.exp”/> </mediation> </list></mediations>

In the configuration, service, port, operation element is used toindicate to which service the message will be attached with themetadata. The service element is mandatory. Port and operation elementare optional. If no port and operation appears in policy, all messagessent to the service will be attached with the metadata. In the listelement, a list of metadata is defined. This metadata will be changedslightly and attached to the request message.

The consumer can also attach metadata that server may not understand. Inthis condition, the mediation element in the policy must contain aservice Uniform Resource Locator (URL). That means the service accordingto the invention can make required mediation. When the server mediationengine 208 finds such metadata, it will forward the message to theservice.

Mediation policy can be defined manually or generated by policyassembler 215. The policy assembler 215 can query server side adaptormanagement service 214 and list supported adaptors. A consumer sideapplication builder can utilize this information and establish metadata,such as a transformation template, filtering expression or a securitypolicy.

FIG. 3 shows the workflow of setup metadata driver mediation at theserver side. The process begins at function block 31 by plugging themediation engine 208 into the server SOAP engine 210. The adaptormanagement service 214 is then installed in function block 32. Finally,the adaptors, local adapters 212 and remote adaptors 213, are installedat function block 33.

FIG. 4 shows the workflow of set up metadata driver mediation at theclient side. The process begins at function block 41 by starting thepolicy assembler 215. Next, the query server side adaptors are installedat function block 42. The metadata for each mediation are input infunction block 43. The mediation policy for each service is generated atfunction block 44. Finally, the client mediation engine 202 is pluggedinto the client SOAP engine 203 in function block 45.

FIG. 5 shows the workflow of attaching metadata in the client mediationengine 202. The process begins in function block 51 when a requestmessage is received from the SOAP engine 203. A determination is made indecision block 52 as to whether mediation is defined for the service. Ifnot, the process ends; otherwise, the metadata is attached to themessage header in function block 53. Finally, the message is returned tothe SOAP engine in function block 54.

FIG. 6 shows the workflow of mediation in the server mediation engine208. The process begins when a message is received from the SOAP engine210 in function block 61. A determination is made in decision block 62as to whether there is any more metadata in the message. If not, themessage is returned to the SOAP engine 210 in function block 63;otherwise, a further determination is made in decision block 64 as towhether there is a local adapter. If so, a local adaptor 212 is invokedin function block 65, but if not, a remote adaptor 213 is invoked infunction block 66. A return is made to decision block 62, and theprocess continues until there is no more metadata in the message.

While the invention has been described in terms of a single preferredembodiment, those skilled in the art will recognize that the inventioncan be practiced with modification within the spirit and scope of theappended claims.

1. A method of attaching mediation metadata in a Simple Object AccessProtocol (SOAP) message, comprising the steps of: providing a clientside mediation engine; plugging the client side mediation engine into aclient SOAP engine; receiving by the client side mediation engine arequest message from the client SOAP engine; attaching metadata to amessage header of a SOAP message; and returning the SOAP message to theclient SOAP engine.
 2. The method according to claim 1, wherein the SOAPmessage is mediated based on the metadata in the SOAP message furthercomprising the steps of: providing a server side mediation engine;plugging the server side mediation engine into a server SOAP engine;receiving by the server side mediation engine a SOAP message from theserver SOAP engine; mapping metadata with an appropriate adaptor; andreturning the SOAP message to the server SOAP engine.
 3. The methodaccording to claim 2, further comprising the steps of: implementing oneor more adaptors; and constructing metadata specific to each of said oneof more adaptors for use by said one or more adaptors.
 4. The methodaccording to claim 3, further comprising the steps of: implementing atransformation adaptor; and constructing transformation metadata for useby said transformation adaptor.
 5. The method according to claim 3,further comprising the steps of: implementing a filtering adaptor; andconstructing filtering data for use by said filtering adaptor.
 6. Themethod according to claim 3, further comprising the steps of:implementing a security adaptor; and constructing security metadata foruse by said security adaptor.
 7. The method according to claim 3,further comprising the step of managing said one or more mediationadaptors.
 8. An apparatus for inserting mediation metadata into a SimpleObject Access Protocol (SOAP) message based on an existing Web Serviceclient engine, said apparatus comprising: a client side mediation engineplugged into a client SOAP engine; and a mediation policy accessed bysaid client side mediation engine, and when the client side mediationengine receives a request message from the client SOAP engine, theclient side mediation engine attaches metadata to a message header of aSOAP message and returns the SOAP message to the client SOAP engine. 9.The apparatus of claim 8, wherein a SOAP message is mediated based on anexisting Web Service engine, the apparatus further comprising: a serverside mediation engine plugged into a server SOAP engine; and one or moreadaptors accessed by said server side mediation engine, and when a SOAPmessage is received by the server side mediation engine from the serverSOAP engine, said server side mediation engine maps metadata in the SOAPmessage with an appropriate adaptor and returns the SOAP message to theserver SOAP engine.
 10. The apparatus of claim 9, further comprising anadaptor management service for managing said one or more adaptors. 11.The apparatus of claim 9, wherein one of said one or more adaptors is atransformation adaptor which performs a SOAP body transformation basedon transformation metadata.
 12. The apparatus of claim 9, wherein one ofsaid one or more adaptors is a filtering adaptor which filters a SOAPresponse based on filtering metadata.
 13. The apparatus of claim 9,wherein one of said one or more adaptors is a security adapter whichapplies a customized security policy to the SOAP message based onsecurity metadata.